Method, server, and storage medium for verifying transactions using a smart card
Abstract
A method, server and storage medium for verifying a transaction using a smart card are disclosed. A server receives a transaction request to perform a transaction with a user of the smart card. The transaction request includes identification information and encrypted data extracted from the smart card, and transaction information. The server determines a user account linked to the identification information. The server performs a first verification process to authenticate the smart card by verifying that the smart card possesses a correct decryption key corresponding to the identification information. The server performs a second verification process to authenticate the smart card by verifying that the encrypted data extracted from the smart card encodes stored data corresponding to the respective user account linked to the identification information. If the first and the second verification processes are successful, the server processes the transaction in accordance with the transaction information.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A method for verifying a transaction using a smart card, the method comprising:
performing, by a device comprising a memory storing instructions and a processor, a first verification process to authenticate a smart card associated with a terminal, the smart card comprising card identification information linked with a user account;
in response to the first verification process being successful, performing, by the device, a second verification process to authenticate the smart card, the second verification process comprising:
obtaining, according to the user account, stored un-encrypted card data and a stored decryption key from the memory of the device,
decrypting, with the stored decryption key, encrypted card data from the terminal,
determining whether the decrypted encrypted card data matches the stored un-encrypted card data, and
in response to determining that the decrypted encrypted card data matches the stored un-encrypted card data, authenticating a user of the smart card as an authorized user of the smart card; and
in response to the first verification and the second verification processes being successful, processing, by the device, a transaction in accordance with transaction information from the terminal.
2. The method of claim 1 , further comprising:
receiving, by the device, a transaction request from the terminal to perform the transaction, the transaction request comprising the card identification information, the encrypted card data, and the transaction information; and
determining, by the device, the user account linked to the card identification information.
3. The method of claim 2 , wherein the processing the transaction in accordance with the transaction information from the terminal further comprises:
processing, by the device, the transaction request according to the transaction information and payment information linked to the user account.
4. The method of claim 2 , wherein the performing the first verification process to authenticate the smart card comprises:
generating, by the device, a pseudo-random string, and storing the pseudo-random string in association with the transaction request;
encrypting, by the device, the pseudo-random string with a stored encryption key corresponding to the card identification information, wherein the stored encryption key and the stored decryption key corresponding to the card identification information form an encryption-decryption key pair;
sending, by the device, the encrypted pseudo-random string to the terminal for processing by the smart card;
receiving, by the device from the terminal, a decrypted string corresponding to a decryption process performed by the smart card on the encrypted pseudo-random string with a respective decryption key stored on the smart card; and
comparing, by the device, the decrypted string to the stored pseudo-random string to determine whether the decrypted string and the stored pseudo-random string are identical.
5. The method of claim 1 , further comprising:
providing, by the device, updated card data to the smart card, wherein the updated card data is encrypted with a stored encryption key corresponding to the user account.
6. The method of claim 1 , further comprising:
in response to the first verification or the second verification processes being unsuccessful, locking-out, by the device, the user account from performing subsequent transactions, and sending a notification to a second device linked to the user account indicating the first verification or the second verification processes being unsuccessful.
7. The method of claim 1 , wherein the processing the transaction in accordance with the transaction information from the terminal comprises:
in response to a determination that the transaction information is associated with a security risk, performing a third verification process by:
sending a notification to a second device linked to the user account; and
in response to receiving an authorization message from the second device, processing the transaction in accordance with the transaction information.
8. A device for verifying a transaction using a smart card, the device comprising:
a memory storing instructions; and
a processor in communication with the memory, wherein, when the processor executes the instructions, the processor is configured to cause the device to:
perform a first verification process to authenticate a smart card associated with a terminal, the smart card comprising card identification information linked with a user account,
in response to the first verification process being successful, perform a second verification process to authenticate the smart card, the second verification process comprising:
obtain, according to the user account, stored un-encrypted card data and a stored decryption key from the memory of the device,
decrypt, with the stored decryption key, encrypted card data from the terminal,
determine whether the decrypted encrypted card data matches the stored un-encrypted card data, and
in response to determining that the decrypted encrypted card data matches the stored un-encrypted card data, authenticate a user of the smart card as an authorized user of the smart card, and
in response to the first verification and the second verification processes being successful, process a transaction in accordance with transaction information from the terminal.
9. The device according to claim 8 , wherein, when the processor executes the instructions, the processor is further configured to cause the device to:
receive a transaction request from the terminal to perform the transaction, the transaction request comprising the card identification information, the encrypted card data, and the transaction information; and
determine the user account linked to the card identification information.
10. The device according to claim 9 , wherein, when the processor is configured to cause the device to process the transaction in accordance with the transaction information from the terminal, the processor is configured to cause the device to:
process the transaction request according to the transaction information and payment information linked to the user account.
11. The device according to claim 9 , wherein, when the processor is configured to cause the device to perform the first verification process to authenticate the smart card, the processor is configured to cause the device to:
generate a pseudo-random string, and store the pseudo-random string in association with the transaction request;
encrypt the pseudo-random string with a stored encryption key corresponding to the card identification information, wherein the stored encryption key and the stored decryption key corresponding to the card identification information form an encryption-decryption key pair;
send the encrypted pseudo-random string to the terminal for processing by the smart card;
receive, from the terminal, a decrypted string corresponding to a decryption process performed by the smart card on the encrypted pseudo-random string with a respective decryption key stored on the smart card; and
compare the decrypted string to the stored pseudo-random string to determine whether the decrypted string and the stored pseudo-random string are identical.
12. The device according to claim 8 , wherein, when the processor executes the instructions, the processor is further configured to cause the device to:
provide updated card data to the smart card, wherein the updated card data is encrypted with a stored encryption key corresponding to the user account.
13. The device according to claim 8 , wherein, when the processor executes the instructions, the processor is further configured to cause the device to:
in response to the first verification or the second verification processes being unsuccessful, lock-out the user account from performing subsequent transactions, and send a notification to a second device linked to the user account indicating the first verification or the second verification processes being unsuccessful.
14. The device according to claim 8 , wherein, when the processor is configured to cause the device to process the transaction in accordance with the transaction information from the terminal, the processor is configured to cause the device to:
in response to a determination that the transaction information is associated with a security risk, perform a third verification process by:
sending a notification to a second device linked to the user account; and
in response to receiving an authorization message from the second device, processing the transaction in accordance with the transaction information.
15. A non-transitory computer readable storage medium storing computer readable instructions, wherein, the computer readable instructions, when executed by a processor, are configured to cause the processor to perform:
performing a first verification process to authenticate a smart card associated with a terminal, the smart card comprising card identification information linked with a user account;
in response to the first verification process being successful, performing a second verification process to authenticate the smart card, the second verification process comprising:
obtaining, according to the user account, stored un-encrypted card data and a stored decryption key from a memory in communication with the processor,
decrypting, with the stored decryption key, encrypted card data from the terminal,
determining whether the decrypted encrypted card data matches the stored un-encrypted card data, and
in response to determining that the decrypted encrypted card data matches the stored un-encrypted card data, authenticating a user of the smart card as an authorized user of the smart card; and
in response to the first verification and the second verification processes being successful, processing a transaction in accordance with transaction information from the terminal.
16. The non-transitory computer readable storage medium according to claim 15 , wherein, when the computer readable instructions are executed by the processor, the computer readable instructions are further configured to cause the processor to perform:
receiving a transaction request from the terminal to perform the transaction, the transaction request comprising the card identification information, the encrypted card data, and the transaction information; and
determining the user account linked to the card identification information.
17. The non-transitory computer readable storage medium according to claim 16 , wherein, when the computer readable instructions are configured to cause the processor to perform processing the transaction in accordance with the transaction information from the terminal, the computer readable instructions are configured to cause the processor to perform:
processing the transaction request according to the transaction information and payment information linked to the user account.
18. The non-transitory computer readable storage medium according to claim 16 , wherein, when the computer readable instructions are configured to cause the processor to perform performing the first verification process to authenticate the smart card, the computer readable instructions are configured to cause the processor to perform:
generating a pseudo-random string, and storing the pseudo-random string in association with the transaction request;
encrypting the pseudo-random string with a stored encryption key corresponding to the card identification information, wherein the stored encryption key and the stored decryption key corresponding to the card identification information form an encryption-decryption key pair;
sending the encrypted pseudo-random string to the terminal for processing by the smart card;
receiving, from the terminal, a decrypted string corresponding to a decryption process performed by the smart card on the encrypted pseudo-random string with a respective decryption key stored on the smart card; and
comparing the decrypted string to the stored pseudo-random string to determine whether the decrypted string and the stored pseudo-random string are identical.
19. The non-transitory computer readable storage medium according to claim 15 , wherein, when the computer readable instructions are executed by the processor, the computer readable instructions are further configured to cause the processor to perform:
providing updated card data to the smart card, wherein the updated card data is encrypted with a stored encryption key corresponding to the user account.
20. The non-transitory computer readable storage medium according to claim 15 , wherein, when the computer readable instructions are executed by the processor, the computer readable instructions are further configured to cause the processor to perform:
in response to the first verification or the second verification processes being unsuccessful, locking-out the user account from performing subsequent transactions, and sending a notification to a second device linked to the user account indicating the first verification or the second verification processes being unsuccessful.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.